safe deletion of files
 

hello all.

this thread serves to address a simple question.

Do flash drives hold traces of deleted stuff on them which can lead to
deletion reversion like it can happen on magnetic media like HDD's ?

my personal answer is no , but I have a small doubt of %1 and since this is a security issue so I thought i'd better get the facts assured.

P.S with the word "deleted" I'm NOT referring to the process of removing files by only hitting the "delete" key , but I'm pointing to files/data which have been completely overwritten with new data basically zeros.(via drive formatting for example)

Formatting a drive does not overwrite it with anything.

If you "shred" the drive the data will be completely overwritten with zeros

usually if i want to delete stuff to unrecoverable you can use shred
but to wipe a whole defice i usualy just use dd if=/dev/urandom of=/dev/sda a few times and throw in a few dd if=/dev/zero of=/dev/sda but seeing as that is a solid state device i dont believe there is any slop in how it is written that would facilitate file recovery in magnetic media.

drive formating does very little. I personally have recovered entire drives that were formated.

Oh really :confused: , probably it depends on the type of formatting doesn't it ?
anyways , I see that formatting isn't the best way to destroy data irreversibly .

alright I know about shred but let me have a look at the commands you gave ,from what I can speculate
those commands do copy something random into sda then a bunch of zero into it (probably to hide the fact that is has been "Shredded")
nonetheless , I'd appreciate if you would explain in more detail how this command dd works and why it's better to use than shred on wiping out devices beyond recognition.

As already stated formating does nothing with the data part of the filesystem. It really only zeros out the meta data i.e. FAT, inodes etc. etc. to save time.

It depends on the filesystem. shred will not erase any data in the journal. Journalized filesystems are like ext3, reiserfs, jfs and xfs. dd operates on the byte level so basically you are wiping out the entire partition with ones and zeros.

Your other question about the differences between flash memory vs magnetic media. IMHO flash or any other solid state memory can not have a residual state. Once a cell has been changed to a one you can not tell if it ever was a zero.

Thanks , that was exactly the answer I was looking for :cool:
i also appreciate the other infos , yes I've gained indeed some new intel:p

cheers

I did some googling and discovered that I was wrong. I did find that flash memory does have a residual properties. Unless your storing classified material I would not worry about it to much. And stupid me, you should write zeros instead of ones....

http://islab.oregonstate.edu/ches/ch...orobogatov.pdf